1. Field of Invention
The present invention relates to an apparatus, a method and a system for detecting a terminal that is manufactured in an unauthorized way, and specifically relates to an apparatus for detecting a DVD player and the like on the network for which a decryption key is generated in an unauthorized way.
2. Description of the Related Art
Recently, various kinds of recording media (such as Digital Versatile Discs (DVD) and apparatuses for playing them back (such as DVD discs) storing a package content (such as video and music soft) have become popular, and various kinds of measures are taken in order to protect their copy rights.
For example, there is a method for decrypting an encrypted content stored in a DVD using a terminal key (or “device key”) stored in a DVD player (refer to related art 1). In this case, an exclusive terminal key is used for each of players. Also, after paying a license fee, the manufacturer of a DVD player receives, from a licensor, one or more terminal keys depending on the license fee.
On the other hand, in a communication system where a center and a group of plural terminals that are connected to the communication network uses a group key, a method for automatically detecting and eliminating an illicitly-copied terminal (for example, refer to related art 2, the Japanese Laid-Open Patent 2002-217890 publication) is also proposed. At the time of distributing a new group key to a terminal, a center connected to the communication network receives, from a terminal, a terminal ID and information obtained by decrypting a terminal random number using a public key of the center, searches communication logs and checks whether there is another terminal for which an identical terminal ID and a different terminal random number are used. In the case where there is such a terminal, the center judges that it is a copy terminal, and it does not distribute any group key. In this case, it is difficult to copy a random number generated in a terminal, which makes it possible to detect the copy terminal that used the random number as an unauthorized terminal in the case where the same random number is detected.
However, in a method of the above-mentioned related art 1, there may be a case where unauthorized terminal keys for which license fee is not paid and a case where a terminal key is decrypted from an authorized DVD player by an illicit analysis and a DVD player where the decrypted terminal key is stored is illicitly copied. The problem in this case is that it is difficult to detect the fact that “an identical terminal key is stored in a plurality of terminals” and detect “which terminal key of an authorized DVD player is stored in an unauthorized DVD player” is difficult.
FIG. 1 is a diagram for explaining the outline of the problem in the above-mentioned related art 1. As shown in FIG. 1, the apparatus manufacturer 100 pays a licensor 150 for license fee for ten thousand apparatuses, receives ten thousand authorized terminal keys (KA1 to KA10000) from the licensor 150 (or a key management company trusted by the licensor 150).
However, like the apparatus manufacturer 200, it is possible to obtain a terminal key (kB1) after paying the licensor 150 for the license fee for an apparatus, illicitly make 9999 copy terminal keys from the terminal key and stores them in ten thousand apparatuses respectively. In addition, like the apparatus manufacturer 300, it is possible to obtain a terminal 201 manufactured by the apparatus manufacturer 200 without paying the licensor 150 for the license fee, illicitly copy the terminal key KB1 stored in the terminal and store the identical terminal keys KB1 in all terminals.
Also, the method of above related art 2 enables detecting whether it is an illicitly-copied terminal or not, but detecting “which terminal key of an authorized DVD player is stored in an unauthorized DVD player” is difficult.
Therefore, an object of the present invention is to provide the authentication server, the unauthorized terminal detection method and the like that enables detecting the fact that the identical terminal key is stored in a plurality of terminals for which terminal key of an authorized terminal is stored in an unauthorized terminal.